دورية أكاديمية
Feature Extraction Method for Public Component Libraries Based on Cross-fingerprint Analysis
| العنوان: | Feature Extraction Method for Public Component Libraries Based on Cross-fingerprint Analysis |
|---|---|
| المؤلفون: | GUO Wei, WU Zehui, WU Qianqiong, LI Xixing |
| المصدر: | Jisuanji kexue, Vol 50, Iss 1, Pp 373-379 (2023) |
| بيانات النشر: | Editorial office of Computer Science, 2023. |
| سنة النشر: | 2023 |
| المجموعة: | LCC:Computer software LCC:Technology (General) |
| مصطلحات موضوعية: | software component analysis, component identification, dynamically linked library, version identification, Computer software, QA76.75-76.765, Technology (General), T1-995 |
| الوصف: | The widespread use of software public component libraries increases the speed of software development while expanding the attack surface of software.Vulnerabilities that exist in public component libraries are widely distributed in software that uses the library files,and the compatibility,stability,and development delays make it difficult to fix such vulnerabilities and the patching period is long.Software component analysis is an important tool to solve such problems,but limited by the problem of ineffective feature selection and difficulties in extracting accurate features from public component libraries,the accuracy of component analysis is not high and generally stays at the level of kind location.In this paper,we propose a public component library feature extraction method based on cross-fingerprint analysis,build a fingerprint library based on 25 000 open source projects on GitHub platform,propose source string role classification,export function fingerprint analysis,binary compilation fingerprint analysis,etc.to extract cross-fingerprints of component libraries,realize the accurate localization of public component libraries,develop a prototype tool LVRecognizer,test and evaluate 516 real softwares,and obtain a accuracy rate of 94.74%. |
| نوع الوثيقة: | article |
| وصف الملف: | electronic resource |
| اللغة: | Chinese |
| تدمد: | 1002-137X |
| العلاقة: | https://www.jsjkx.com/fileup/1002-137X/PDF/1002-137X-2023-50-1-373.pdfTest; https://doaj.org/toc/1002-137XTest |
| DOI: | 10.11896/jsjkx.211100121 |
| الوصول الحر: | https://doaj.org/article/f85082c85467418c9ce63555d25da8f7Test |
| رقم الانضمام: | edsdoj.f85082c85467418c9ce63555d25da8f7 |
| قاعدة البيانات: | Directory of Open Access Journals |
| تدمد: | 1002137X |
|---|---|
| DOI: | 10.11896/jsjkx.211100121 |